Hi Chlo!

I was just testing a fix that I did myself: 
https://launchpad.net/~georgiag/+archive/ubuntu/lp2009230/+packages
and it seemed to work as expected.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to rsyslog in Ubuntu.
https://bugs.launchpad.net/bugs/2009230

Title:
  AppArmor denials for rsyslog

Status in gce-compute-image-packages package in Ubuntu:
  New
Status in rsyslog package in Ubuntu:
  New
Status in gce-compute-image-packages source package in Lunar:
  New
Status in rsyslog source package in Lunar:
  New

Bug description:
  The AppArmor profile for rsyslog, which had been disabled on previous
  Ubuntu versions, was enabled in lunar.

  The package google-compute-engine added a config file to rsyslog which
  requires rw access to /dev/console.

  google:ubuntu-23.04-64 /root# cat /etc/rsyslog.d/90-google.conf
  # Google Compute Engine default console logging.
  #
  # daemon: logging from Google provided daemons.
  # kern: logging information in case of an unexpected crash during boot.
  #
  daemon,kern.* /dev/console

  google:ubuntu-23.04-64 /root# apt-file search /etc/rsyslog.d/90-google.conf
  google-compute-engine: /etc/rsyslog.d/90-google.conf

  So in gce cloud images, we are getting the following denials:

  [ 1500.302082] audit: type=1400 audit(1677876883.728:495):
  apparmor="DENIED" operation="open" class="file" profile="rsyslogd"
  name="/dev/console" pid=603 comm=72733A6D61696E20513A526567
  requested_mask="ac" denied_mask="ac" fsuid=101 ouid=0

  To fix it, we just need to add
    /dev/console rw,
  to /etc/apparmor.d/usr.sbin.rsyslogd

  or the same permission should be added to a file in
  /etc/apparmor.d/rsyslog.d/ by the google-compute-engine package

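Added example, not part of the bug report or of the rsyslog or AppArmor projects: a small triage helper that parses the denial quoted in the bug description, decodes the hex-encoded `comm` field, and checks whether the proposed `rw` rule covers the denied mask. The function names and the mask-to-permission tables are assumptions made for this illustration.

```python
import re

# Constructed sample: the denial quoted in the bug description, with the
# e-mail line wrapping preserved.
SAMPLE = """[ 1500.302082] audit: type=1400 audit(1677876883.728:495):
apparmor="DENIED" operation="open" class="file" profile="rsyslogd"
name="/dev/console" pid=603 comm=72733A6D61696E20513A526567
requested_mask="ac" denied_mask="ac" fsuid=101 ouid=0"""

FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
HEX = re.compile(r"(?:[0-9A-Fa-f]{2})+")
# String fields that appear hex-encoded when they are logged unquoted.
STRING_FIELDS = {"name", "comm", "profile", "info"}
# Assumption: meaning of the mask letters seen in AppArmor denial records.
MASK_NAMES = {"r": "read", "w": "write", "a": "append", "c": "create",
              "d": "delete", "x": "execute", "k": "lock", "l": "link"}
# Assumption: a policy 'w' grant subsumes these logged masks.
W_IMPLIES = set("wacd")


def parse_denial(text):
    """Return the key=value fields of one (possibly line-wrapped) record."""
    rec = {}
    for key, quoted, bare in FIELD.findall(" ".join(text.split())):
        if bare and key in STRING_FIELDS and HEX.fullmatch(bare):
            # Unquoted string field: hex-encoded because it contains
            # spaces or other special characters.
            rec[key] = bytes.fromhex(bare).decode("utf-8", "replace")
        else:
            rec[key] = bare or quoted
    return rec


def rule_covers(rule_perms, denied_mask):
    """True if a profile rule with rule_perms would allow denied_mask."""
    granted = set(rule_perms)
    if "w" in granted:
        granted |= W_IMPLIES
    return set(denied_mask) <= granted


def summarize(text, rule_perms="rw"):
    rec = parse_denial(text)
    return {"profile": rec["profile"], "path": rec["name"], "comm": rec["comm"],
            "denied": [MASK_NAMES.get(c, c) for c in rec["denied_mask"]],
            "covered_by_rule": rule_covers(rule_perms, rec["denied_mask"])}


if __name__ == "__main__":
    print(summarize(SAMPLE))
```

On a system with apparmor-utils installed, `aa-decode` performs the same hex decoding of log fields.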